Home Office in times of Corona

How do I design a secure home office?

On this page you can find some information on how to design a secure home office especially in times of Corona.

A secure workplace protects not only you, but also your colleagues, the students and the digital infrastructure of the university itself.

Secure passwords

Encrypted WLAN

  • Use an encrypted and password protected WLAN when working over it. Instructions for this can usually be found in the packaging of your router or on the website of your Internet service provider.
  • For example, choose a WPA2 encryption and password according to our guidelines (see above).

Anti-virus software

Firewall

  • Make sure that your firewall is active. Do not deactivate it if your firewall blocks, for example, FortiClient, but add an exception.

Keep system up-to-date

  • Make sure that your system and security software are up-to-date. Regular updates help to keep your workplace secure.

Backup Security

  • Make backups of relevant data!
  • If you store them on a local external medium (USB stick, external hard disk), connect this medium only for the purpose of backup creation or use.
  • Encrypt mobile external data carriers (USB sticks)

Phishing mails

  • Be careful when handling received mails!
  • Do not open attachments from emails from unknown senders or from senders from whom you do not expect the corresponding mail.
  • Never click on links from emails from the above-mentioned senders. If necessary, check whether the link links to the address displayed.
  • Example: https://www.google.de and https://www.google.de link to two different pages. In most browsers, the bottom left corner shows where a link leads to when you move the mouse over it.
  • Always delete emails that arouse your suspicion.
  • Emails in which personal data, passwords, etc. are requested to be entered on a linked website are highly questionable.
  • Phishing is also possible via SMS, social media or other messengers, be careful!
  • Never send your password via email!

 

 

Please contact the RZ-Helpdesk in case of anomalies https://www.rz.uni-kiel.de/en/hotline

Do the same if you believe you have become a victim of phishing and your university identification could be compromised!

What is VPN and where can I find information about it?

The VPN service serves to establish a secure connection ('VPN tunnel') from locations outside the university to the campus network. This service, its setup and use are documented in detail on the website of the Computer Center: https://www.rz.uni-kiel.de/go/vpn

https://www.rz.uni-kiel.de/go/vpn

Do I need VPN to use all services of the CAU?

No, a large number of services can be accessed directly from the Internet and allow direct login, e.g.
    • Mail via mail clients and webmail in the browser after login https://www.rz.uni-kiel.de/de/tipps/mail-und-webmail
    • E-Learning Service OpenOlat
https://lms.uni-kiel.de/dmz/
    • Sync & Share Cloud in the Computer Center (currently in closed pilot phase)
    • Public website of the CAU

Are there uniform VPN authorizations for everyone at the CAU?

No, there is a general VPN configuration that in principle allows access to resources that are generally accessible from the campus and for which there are no other restrictions (e.g. license terms or administrative decisions). All students and employees can use this configuration. A large part of the CAU's resources (e.g. many services of the University Library) can be accessed via this general VPN.

in some cases so-called 'institute VPNs' exist for other resources that are normally only accessible within an institute. These allow access that goes beyond the general VPN that can be used by everyone. Such an institutie VPN is set up by the network group of the Computer Center at the request of the respective head of the institute  in close consultation with the institute's IT personnel. Individual activation for use is then carried out on behalf of the head of the institute by decentralised IT representatives.

 Further information can be found in a separate information sheet:
https://www.rz.uni-kiel.de/de/ueber-uns/dokumente/merkblatt-vpn-20170602.pdf
 
 Applications can be made with a separate form:
https://www.rz.uni-kiel.de/de/ueber-uns/dokumente/formulare/anmeldung/de_22_vpn.pdf

If you have any questions please contact us by e-mail at vpn@rz.uni-kiel.de .

 

Who do I contact to get access?

The general VPN configuration for access to campus-wide available resources should be enabled for all computer center IDs. You can check this yourself by logging into the CIM portal and checking whether the service 'VPN communication network' is booked for your account:

CIM-Portal VPN-Buchung

First clarify with your supervisor, taking into account the guidelines of the university, whether access from home is at all possible for you, for which resources, with which device and under which conditions.


Activation for a 'institute VPN' is technically carried out the institute IT representative on the instruction of the head of the institute.

 

How can I check whether the password I have in my head also works for VPN?

That is very simple: In the browser go to


   https://vpn.rz.uni-kiel.de/


and log in with your computer center ID and the account password ( = Active Directory password).

What other basic advice do you have for me?

Please check whether you can log on to the CIM Service Portal
  https://cim.rz.uni-kiel.de/cimportal .
Here you can check which services you have booked and change your passwords.

In general, the Computer Center also advises all customers to leave a contact e-mail address so that they can restore access to the portal if the PIN is not available, for example because the letter with your PIN is at your workplace but you cannot get there at the moment.

The procedure is explained in the CIM FAQ
https://www.rz.uni-kiel.de/otrs/public.pl?Action=PublicFAQExplorer;CategoryID=50
(Question 'I want to save a new contact e-mail address in the CIM Service Portal')

Which ID do I need to use, which password?

Use the so-called RZ ID (Computer Center ID), which is generally in the form suabc123, i.e. it consists of 8 characters, the last three of which are digits. To log into the VPN, you then use your so-called 'account password', which is also your password in the Active Directory and is therefore valid for logging into Windows workstations in the Active Directory (central administration), for the Exchange mail service, the campus copiers and the poster printing service.

How do I reset my password?

On the website of the Computer Center there is a detailed, illustrated instruction on how to change the password of a service in the CIM Service Portal. The instructions include an example of how to change the password for the WLAN service. You can change the account password in the same way.

https://www.rz.uni-kiel.de/de/angebote/idm/aenderung-von-passwoertern/andern-eines-dienst-passwortes

If you are unable to log into the Service Portal, you can find information in the RZ-FAQ at
https://www.rz.uni-kiel.de/otrs/public.pl?Action=PublicFAQExplorer;CategoryID=50

Could there be bottlenecks in the VPN service? What should I do?

The resources of the VPN appliance are basically limited, both the number of connections and the amount of transferred (and thus to be encrypted) data play a role. Therefore, use this connection carefully and avoid excessive loads. For example, transferring one terabyte of measurement and research data work on at home would have a negative impact on other users.

Another problem is that, if VPN is activated, connections from the home PC to services outside the CAU are also routed through the VPN tunnel. For this reason, the computer connected to the VPN tunnel should not use video streaming services in another window, for example, since these streams would also be routed and encrypted through the VPN appliance.